01 May, 2006
13 commits
-
1) The audit_ipc_perms() function has been split into two different
functions:
- audit_ipc_obj()
- audit_ipc_set_perm()

There's a key shift here... The audit_ipc_obj() collects the uid, gid,
mode, and SElinux context label of the current ipc object. This
audit_ipc_obj() hook is now found in several places. Most notably, it
is hooked in ipcperms(), which is called in various places around the
ipc code performing a MAC check. Additionally there are several places
where *checkid() is used to validate that an operation is being
performed on a valid object while not necessarily having a nearby
ipcperms() call. In these locations, audit_ipc_obj() is called to
ensure that the information is captured by the audit system.

The audit_set_new_perm() function is called any time the permissions on
the ipc object change. In this case, the NEW permissions are recorded
(and note that an audit_ipc_obj() call exists just a few lines before
each instance).

2) Support for an AUDIT_IPC_SET_PERM audit message type. This allows
for separate auxiliary audit records for normal operations on an IPC
object and permissions changes. Note that the same struct
audit_aux_data_ipcctl is used and populated, however there are separate
audit_log_format statements based on the type of the message. Finally,
the AUDIT_IPC block of code in audit_free_aux() was extended to handle
aux messages of this new type. No more mem leaks I hope ;-)
Signed-off-by: Al Viro
-
Hi,
The patch below builds upon the patch sent earlier and adds subject label to
all audit events generated via the netlink interface. It also cleans up a few
other minor things.
Signed-off-by: Steve Grubb
Signed-off-by: Al Viro
-
The below patch should be applied after the inode and ipc sid patches.
This patch is a reworking of Tim's patch that has been updated to match
the inode and ipc patches since it's similar.

[updated:
> Stephen Smalley also wanted to change a variable from isec to tsec in the
> user sid patch. ]
Signed-off-by: Steve Grubb
Signed-off-by: Al Viro
-
Hi,
The patch below converts IPC auditing to collect sid's and convert to context
string only if it needs to output an audit record. This patch depends on the
inode audit change patch already being applied.
Signed-off-by: Steve Grubb
Signed-off-by: Al Viro
-
Previously, we were gathering the context instead of the sid. Now in this patch,
we gather just the sid and convert to context only if an audit event is being
output.

This patch brings the performance hit from 146% down to 23%
Signed-off-by: Al Viro
-
This patch provides the ability to filter audit messages based on the
elements of the process' SELinux context (user, role, type, mls sensitivity,
and mls clearance). It uses the new interfaces from selinux to opaquely
store information related to the selinux context and to filter based on that
information. It also uses the callback mechanism provided by selinux to
refresh the information when a new policy is loaded.
Signed-off-by: Al Viro
-
The following patch provides selinux interfaces that will allow the audit
system to perform filtering based on the process context (user, role, type,
sensitivity, and clearance). These interfaces will allow the selinux
module to perform efficient matches based on lower level selinux constructs,
rather than relying on context retrievals and string comparisons within
the audit module. It also allows for dominance checks on the mls portion
of the contexts that are impossible with only string comparisons.
Signed-off-by: Darrel Goeddel
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
... it's always current, and that's a good thing - allows simpler locking.
Signed-off-by: Al Viro
-
now we can do that - all callers are process-synchronous and do not hold
any locks.
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
On Thursday 23 March 2006 09:08, John D. Ramsdell wrote:
> I noticed that a socketcall(bind) and socketcall(connect) event contain a
> record of type=SOCKADDR, but I cannot see one for a system call event
> associated with socketcall(accept). Recording the sockaddr of an accepted
> socket is important for cross platform information flow analys

Thanks for pointing this out. The following patch should address this.
Signed-off-by: Steve Grubb
Signed-off-by: Al Viro
-
Don't assume that audit_log_exit() et al. are called for the context of
current; pass task explicitly.
Signed-off-by: Al Viro
30 Apr, 2006
4 commits
-
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
[PATCH] powerpc: update cell_defconfig
[PATCH] spufs: Disable local interrupts for SPE hash_page calls.
[PATCH] powerpc: Add cputable entry for POWER6
[PATCH] ppc32 CPM_UART: Fixed odd address translations
[PATCH] ppc32: Update board-specific code of the CPM UART users
[PATCH] ppc32 CPM_UART: Convert to use platform devices
[PATCH] ppc32: odd fixes and improvements in ppc_sys
[PATCH] powerpc: Wire up *at syscalls
[PATCH] ppc32: add 440GX erratum 440_43 workaround
[PATCH] powerpc: Use check_legacy_ioport() on ppc32 too.
[PATCH] powerpc64: Fix loading of modules without a .toc section
[PATCH] sound/ppc: snd_pmac_toonie_init should be __init
powerpc/pseries: Tell firmware our capabilities on new machines
[PATCH] powerpc: Fix pagetable bloat for hugepages
-
Content of file au1200fb.c was duplicated. Remove.
Signed-off-by: Ralf Baechle
Signed-off-by: Antonino Daplas
Signed-off-by: Linus Torvalds
-
Let people enable the advansys driver on x86-32, even though it's broken
on other architectures due to missing DMA mapping infrastructure.

It's used by Jeffrey Phillips Freeman and
possibly others.
Signed-off-by: Linus Torvalds
-
The FXSAVE information leak patch introduced a bug in FP exception
handling: it clears FP exceptions only when there are already
none outstanding. Mikael Pettersson reported that causes problems
with the Erlang runtime and has tested this fix.
Signed-off-by: Chuck Ebbert
Acked-by: Mikael Pettersson
Signed-off-by: Linus Torvalds
29 Apr, 2006
4 commits
-
reflect the changes to Kconfig since the last update.
Signed-off-by: Arnd Bergmann
Signed-off-by: Paul Mackerras
-
This patch disables and saves local interrupts during
hash_page processing for SPE contexts.

We have to do it explicitly in the spu_irq_class_1_bottom
function. For the interrupt handlers, we get the behaviour
implicitly by using SA_INTERRUPT to disable interrupts while
in the handler.
Signed-off-by: Arnd Bergmann
Signed-off-by: Paul Mackerras
-
Add a cputable entry for the POWER6 processor.
The SIHV and SIPR bits in the mmcra have moved in POWER6, so disable
support for that until oprofile is fixed.

Also tell firmware that we know about POWER6.
Signed-off-by: Anton Blanchard
Signed-off-by: Paul Mackerras
-
transfer_objects should only be called when all of the cpus in the
node are online. CPU_DEAD notifier callback marks l3->shared to NULL.
Signed-off-by: Jacob Shin
Signed-off-by: Linus Torvalds
28 Apr, 2006
19 commits
-
Add help text in Kconfig
Signed-off-by: Antonino Daplas
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
As reported in Bugzilla Bug 6406, resume from S3 results in a blank screen.
For the IBM Thinkpad X30 using vesafb as the console driver, successful resume
from S3 requires option acpi_sleep=s3_bios,s3_mode. Update documentation.

I would presume that, in any hardware, using vesafb as the console driver will
require as a minimum s3_mode.
Signed-off-by: Antonino Daplas
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Add sys_set_robust_list, sys_get_robust_list, sys_splice, sys_sync_file and
sys_tee system calls.
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Generate new sysfs-attribute 'uid' that contains a device specific unique
identifier. This can be used to identify multiple ALIASES of the same
physical device (PAV). In addition the sysfs-attributes 'vendor' (containing
the manufacturer of the device) and 'alias' (identify alias or base device) are
added. This is the first part of PAV support in LPAR (also valid on zVM).
Signed-off-by: Horst Hummel
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Add a read_mostly section and define __read_mostly to prevent cache line
pollution due to writes for mostly read variables. In addition fix the
incorrect alignment of the cache_line_aligned data section. s390 has a
cacheline size of 256 bytes.
Signed-off-by: Christian Borntraeger
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
In case of an instruction processing damage (IPD) machine check in kernel mode
the resulting action is always to stop the kernel. This is not necessarily
the best solution since a retry of the failing instruction might succeed. Add
logic to retry the instruction if no more than 30 instruction processing
damage checks occurred in the last 5 minutes.
Signed-off-by: Heiko Carstens
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Print a warning with the z/VM error code if segment_load, segment_type or
segment_save fail to ease the problem determination.
Signed-off-by: Gerald Schaefer
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Added some changes that were proposed by Andrew Morton. Added 3592 device
type.
Signed-off-by: Stefan Bader
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Add support for atomic futex operations.
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
With CONFIG_SLAB_DEBUG=y networking over qeth doesn't work. The problem is
that the qib structure embedded in the qeth_irq structure needs an alignment
of 256 but kmalloc only guarantees an alignment of 8. When using SLAB
debugging the alignment of qeth_irq is not sufficient for the embedded qib
structure which causes all users of qdio (qeth and zfcp) to stop working.
Allocate qeth_irq structure with __get_free_page. That wastes a small amount
of memory (~2500 bytes) per online adapter.
Signed-off-by: Christian Borntraeger
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
The dasd state machine is not designed to enable an unformatted device, since
'unformatted' is a final state. The BIODASDENABLE ioctl calls
dasd_enable_device() which never returns if the device is in this special
state. Return -EPERM in dasd_increase_state for unformatted devices to make
dasd_enable_device terminate. Note: To get such an unformatted device online
it has to be re-analyzed. This means that the device needs to be disabled
prior to re-enablement.
Signed-off-by: Horst Hummel
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Avoid memory allocation with GFP_KERNEL in qdio_establish/qdio_shutdown. Use
memory pool instead. (Otherwise this can lead to an I/O stall where qdio
waits for a free page and zfcp waits for end of error recovery in low memory
situations.)
Signed-off-by: Andreas Herrmann
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
If a signal handler has been established with the SA_ONSTACK option but no
alternate stack is provided with sigaltstack(), the kernel still tries to
install the alternate stack. Also when setting an alternate stack with
sigaltstack() and the SS_DISABLE flag, the kernel tries to install the
alternate stack on signal delivery. Use the correct conditions sas_ss_flags()
to check if the alternate stack has to be used.
Signed-off-by: Laurent Meyer
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Interrupts can stay disabled if an error occurred in _chp_add(). Use
spin_unlock_irq on the error paths to reenable interrupts.
Signed-off-by: Stefan Bader
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Fix a race condition in the I/O termination logic. The race can cause I/O to
a dasd device to fail with no retry left after turning one channel path to the
device off and on multiple times.
Signed-off-by: Peter Oberparleiter
Signed-off-by: Martin Schwidefsky
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Fix resume_execution() to handle iret and absolute jump opcode correctly on
i386.
Signed-off-by: Masami Hiramatsu
Cc: Ananth N Mavinakayanahalli
Cc: "Keshavamurthy, Anil S"
Cc: Prasanna S Panchamukhi
Cc: Jim Keniston
Cc: Yumiko Sugita
Cc: Satoshi Oshima
Cc: Hideo Aoki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
When trap happens in user space, kprobe_exceptions_notify() function will
skip it. This patch deletes some unnecessary code for VM_MASK judgement in
eflags.
Signed-off-by: bibo, mao
Cc: Masami Hiramatsu
Cc: Ananth N Mavinakayanahalli
Acked-by: "Keshavamurthy, Anil S"
Acked-by: Prasanna S Panchamukhi
Cc: Jim Keniston
Cc: Yumiko Sugita
Cc: Satoshi Oshima
Cc: Hideo Aoki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Running abnormal VM splits causes weird problems - people can set non-standard
splits by accident, then lots of time gets wasted diagnosing it - see the long
"[stable] 2.6.16.6 breaks java... sort of" email thread.

So we need to make this option harder to set. Use CONFIG_EMBEDDED for this.
CONFIG_EMBEDDED isn't really the right thing to use, but there's nothing else
obvious and avoiding these problems is more important than Kconfig purity.
Signed-off-by: Andi Kleen
Cc: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
CPU_HOTPLUG has race conditions when we use broadcast mode IPI.
- First we introduced no_broadcast option
  (see include/asm-i386/mach-default/mach_ipi.h)
- x86_64 solved it by using physical flat mode (same as bigsmp on i386)
  since this will not use broadcast shortcuts for IPI.
- We switched to use bigsmp on i386 so that we can have same handling as
  x86_64, but apparently this caused an error message, if kernel was
  compiled without X86_GENERICARCH, X86_BIGSMP. The message "You have >8
  CPUS..." which was bogus and misleading, and only indicated one of the
  above ARCH wasn't selected.

So we do not switch to automatic bigsmp for HOTPLUG_CPU support in i386
until the other related config dependencies for SMP_SUSPEND etc can be done
right.
Signed-off-by: Ashok Raj
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds